git.ipfire.org Git - thirdparty/openwrt.git/commit

author	Paul Donald <newtwen+github@gmail.com>
	Thu, 5 Mar 2026 21:11:13 +0000 (22:11 +0100)
committer	Hauke Mehrtens <hauke@hauke-m.de>
	Fri, 6 Mar 2026 23:04:48 +0000 (00:04 +0100)
commit	1e9da9798ac2a617f9bdd9b11b1582a86133f9e8
tree	a18984ca6883b2469da375961809e19a170d9f71	tree \| snapshot
parent	d09041eb8a8e791c399ce5c3ec0b517b9655ef23	commit \| diff

ppp: add memmove fortify and remove MRU patch

memcpy() with overlapping src and dest buffers is an undefined behavior
in C. In the current code, a ConfRej response is generated by copying
input data in-place, where the dest address is lower than the src.
This happens to work in practice because memcpy() forward-copies data,
matching the behavior of memmove() in this case.

However, if FORTIFY_SOURCE or Address Sanitizer is enabled, memcpy()
will detect the overlap at run time and abort the program.

Replace the memcpy() with memmove() to ensure a well-defined behavior.

Reported-by: Filippo Carletti <filippo.carletti@gmail.com>
MRU patch https://github.com/ppp-project/ppp/pull/573

Signed-off-by: Paul Donald <newtwen+github@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/22286
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

package/network/services/ppp/Makefile		diff \| blob \| blame \| history
package/network/services/ppp/patches/501-fix-memcpy-fortify.patch	[new file with mode: 0644]	blob
package/network/services/ppp/patches/502-remove_mru.patch	[new file with mode: 0644]	blob